Communication systems often use data encryption techniques to transfer communication data (i.e., traffic) in a secure manner. Security is provided through the use of encryption keys that are used by communication devices (e.g., mobile radios) to encrypt and decrypt the traffic. A common encryption technique for use in communication systems, especially trunked radio communication systems, is a symmetric encryption system (SES) in which the same traffic encryption key is used by a sender to encrypt traffic and by one or more receivers to decrypt the traffic. Typically, a common traffic encryption key is shared by a group of authorized users (e.g., members of a police or fire department) and is updated periodically to increase security. In operation, updates to group traffic encryption keys (GTKs) are transferred to communication devices of all authorized group members so that they may encrypt/decrypt traffic to/from other group members. To preserve the integrity of an SES communication system, the communication system needs to prevent unauthorized individuals from accessing the GTKs.
FIG. 1 depicts a typical encryption key distribution system for distributing GTKs to enable secure communications between group member communication devices, e.g., the communication devices of a group of authorized users. The distribution system includes a key administrator 102 that generates the GTKs, a key distribution and storage facility 104 (“distribution facility”) for storing and distributing the GTKs, and a plurality of group devices (represented by group member #1 communication device 100a and group member #2 communication device 100b) that use the GTKs to encrypt/decrypt traffic between group member communication devices 100a, b. Typical encryption key distribution systems are described in U.S. Pat. No. 5,528,691 to Rosauer et al., U.S. Pat. No. 5,619,572 to Sowa, and U.S. Pat. No. 5,768,380 to Rosauer et al., incorporated fully herein by reference.
In use, the key administrator 102 generates a GTK for use by the group member communication devices 100a, b to encrypt/decrypt traffic. The key administrator 102 passes the current unencrypted GTK to the distribution facility 104 where it is stored unencrypted. Prior to distribution to the individual group member communication devices, the GTK is encrypted using individual secrets that are unique to the individual group member communication devices. The encrypted GTKs (EGTKs) are then transferred to the individual group member communication devices 100a, b. For example, to transfer the GTK to the group member #1 communication device 100a, the distribution facility 104 encrypts the GTK using an individual secret known to the distribution facility 104 and to the group member #1 communication device 100a and transfers the resultant EGTK to the group member #1 communication device 100a. Likewise, to transfer the GTK to the group member #2 communication device 100b, the distribution facility 104 encrypts the GTK using an individual secret known to the distribution facility 104 and to the group member #2 communication device 100b and transfers the resultant EGTK to the group member #2 communication device 100b. The individual group member communication devices 100a, b, using previously stored individual secrets identical to the individual secrets used by the distribution facility 104 to encrypt the GTK, decrypt the GTK for use in encrypting/decrypting traffic between group devices 100a, b. 
The individual secrets are stored on the group member communication devices 100a, b prior to distribution of the communication devices to authorized users. Each communication device 100a, b is assigned to an authorized user and stores one or more individual secrets associated with that user. The individual secrets are stored in an electronic format that cannot be viewed or updated by the user. Accordingly, for secure communications, an authorized user must use the assigned communication device in order to possess and use the individual secrets associated with that user.
The encryption key distribution system described in reference to FIG. 1 is commonly used in the communication systems employed by many private organizations and by public service organizations, such as police, fire, and ambulance squads. The key administrator 102 and the group member communication devices 100a, b are typically secure, i.e., are under the direct control of a particular organization and its associated personnel. Typically, however, multiple groups use a single key distribution and storage facility 104 that is under the control of a third party, e.g., a private corporation. For example, in a communication system for use by a police department, the police department maintains control over a key administrator 102 that resides on its premises and police officers maintain control over the individual group member communication devices 100a, b. The distribution facility 104, however, is typically managed by an organization that is not under the direct control of the police department. Since the distribution facility 104 is under the control of a third party, it is potentially unsecure. Therefore, the potential exists for unauthorized users to gain access to the GTKs stored on the unsecure key distribution and storage facility 104, thereby compromising the integrity of the communication system.